Iurie Cojocaru

Partner, CIPP/E

iurie.cojocaru@nndkp.ro
+40 21 201 1200

Practice areas

Expertise

Iurie has more than 16 years of experience in the legal field.

He heads the Data Protection practice of the firm.

Iurie specializes in the data protection field, his expertise covering processing employees’ data, building and using databases for supporting sales and marketing activities, e-privacy matters (including social networking sites, cookies consent rules and commercial communications), data sharing in mergers, acquisitions and winding-up projects, regulatory compliance (including in connection with disciplinary procedures and FCPA audits), data breach regulations, data subject rights, processing and data transfer formalities, archiving formalities (including in cases of winding-up of companies), classified information.

He assists clients in controls by the data protection authority, in internal data protection and privacy audits, and with training activities.

His area of expertise also includes environmental law.

Areas of specialization:

Data Protection and Privacy

  • GDPR gap analysis and audits
  • GDPR and DPO training
  • processing employees’ data, including data sharing within the group for benefits programs and whistleblowing schemes
  • building and using databases for supporting sales and marketing activities
  • e-privacy matters, including social networking sites, cookies consent rules and commercial communications
  • data sharing in mergers, acquisitions and winding-up projects
  • regulatory compliance, including in connection with disciplinary procedures and FCPA audits
  • data breach regulations
  • data subject rights
  • processing and data transfer formalities
  • controls by the data protection authorities
  • internal data protection and privacy audits and training
  • archiving formalities (including in cases of winding-up of companies)
  • classified information

Environment

  • environmental issues in mergers and acquisitions
  • environmental and other permitting matters
  • waste management
  • hazardous substances
  • protected natural areas
  • environmental liability, including for historic pollution
  • sanitary, veterinary and food safety matters
  • compliance matters, including in case of polluting incidents and authorities’ controls
  • environmental related litigation

Representative Cases and Transactions

Data Protection and Privacy

  • assistance to a large retail group in conducting an internal audit to assess compliance with data protection requirements, as well as preparing and implementing an action plan with the measures set out in the audit report; also provided training to teams involved in the processing of personal data
  • assistance to a large financial institution and its subsidiaries with conducting an audit of the processing operations within the group to assess compliance with GDPR requirements, drafting an audit report with the findings, preparing an action plan with recommended measures to be implemented by the group to ensure compliance and assisting with the implementation thereof
  • advice to a global company active in the cosmetic industry in carrying out a full-scale audit on the data processing operations of its Romanian affiliate and implementing the measures set forth in the audit report; also provided assistance in respect of day-to-day activities
  • assistance to a leading online classified business in Europe with operations world-wide in selling the database of a Romanian general classified website to a South African multinational mass media corporation
  • compliance by the Romanian branch of an American multinational insurance corporation with privacy formalities and related procedures
  • protection of personal data and archiving by a leading software producer
  • project by a major telecommunications operator, in connection with the possible extension of the access to credit bureaus regulations to allow telecom operators access to data required for financial exposure prevention purposes
  • assistance of a leading operator in the cement industry in dealing with its data protection obligations in the context of transferring its data in the cloud computing system
  • compliance with Romanian data protection rules of the website of a major Italian manufacturer of luxury fashion goods
  • representation of the local affiliate of a leading American software corporation in its relation with data protection control authorities

Environment

  • day-to-day assistance in post-privatization matters for a major company in the automotive industry, involving permitting and regulatory and commercial environmental issues
  • day-to-day assistance in relation to environmental and sanitary veterinary matters for a large German retailer
  • litigation on behalf of a leading agricultural company against the environmental authorities, in relation to the surrender of greenhouse gas emission allowances
  • environmental, sanitary veterinary and food safety matters in the animal rearing and food processing industries for the Romanian entities of the world’s largest hog producer and processor
  • waste management obligations in the context of a waste collection project of the Romanian subsidiary of a large German retailer
  • environmental and nuclear compliance in the context of building and operating of a radiotherapy center in Cluj, project financed by the largest Romanian bank
  • assistance of the Romanian affiliate of a major American technology corporation acting in computer and printing business in dealing with its obligations on waste electrical and electronic equipment
  • compliance of the Romanian affiliate of a world leader in soft drinks production with its obligations towards the Environmental Fund
  • project consisting in ecological reconstruction in Danube valley undergone by a the leading organization in wildlife conservation and endangered species
  • assistance of a Dutch consortium of consultancy companies in the context of a floodplain redevelopment project
  • representation of a company operating a major shopping center in Bucharest in its relation with environmental control authorities

Accolades

  • Recommended, TMT (Legal 500, 2023)

Education

  • University of Bucharest Law School, Law Degree
  • University of Bucharest Law School, Master Degree in Business Law
  • Paris I, Panthéon-Sorbonne University, Collège Juridique Franco-Roumain d’Etudes Europèennes, Master Degree in European and International Law

Memberships and Affiliations

  • Bucharest Bar
  • The International Association of Privacy Professionals (IAPP)

Notable Contributions

  • contributor to NNDKP Privacy Out Loud
  • speaker at ZF Live (November 2023)
  • speaker at the event “Data Protection from CJEU`s perspective. What should companies pay attention to?”, organized by NNDKP (2023)
  • speaker at the CIO Council National Conference, organized by CIO Council and Revista CARIERE (2023)
  • contributor to the “Chat with ChatGPT” debate, organized by Juridice.ro (2023)
  • speaker at the “ZF Digital Summit” event, organized by Ziarul Financiar (2021)
  • speaker at “Timisoara SpotON” webinar series, organized by NNDKP (2020)
  • speaker at HR Breakfast Timisoara, organized by Libero Events (2019)
  • speaker at the event GDPR Talks 2019, organized by Concord Communication (2019)
  • speaker at the conference “Data Protection: Solutions and Responsibilities”, organized by Chamber of Commerce and Industry of Romania and Universul Juridic (2018)
  • speaker at the workshop “Romanian Companies and Cybersecurity”, organized by Cornerstone Communications (2018)
  • speaker at ZF Digital Summit 2018, organized by Ziarul Financiar (2018)
  • speaker at the National Conference on Modern Management in Administration, organized by Oameni si Companii (2018)
  • speaker at the conference “Ready, Steady, GDPR” (Cluj-Napoca), organized by Business Mark (2018)
  • speaker at the GDPR Workshops organized by Brasov Chamber of Commerce (2018)
  • speaker at the Employer Branding Conference, GDPR for Human Resources Workshop, organized by Evensys (2018)
  • speaker at the “Data Protection Conference” organized by Evensys (2017)
  • RuleFinder – Cross Border Data Transfer” (Derivative Services LLP, May 2014)
  • “Data Protection Laws of the World – Romania chapter” (Charles Russell, 2014)
  • Effects of the amendment of the data protection legislation” (Curierul Judiciar, May 2012)
  • Data protection implications on employees recruitment practices (Romania)” (DataGuidance, January 2012)
  • “SEE Legal Employment Guide – Data Protection in Romania” Section (SEE Legal, 2012)